Table Of Contents
Release Notes for CiscoWorks Network Compliance Manager, 1.2.1
NCM and LMS Co-residency Requirements
NCM High Availability System Requirements
Installing the Enhanced PERL API
Change Detection and Configuration Management
Policy Manager and Compliance Violations
Batch Changes and Task Management
Known Limitations and Problems
Administrative Settings - User Authentication Page Crypto Key Exception
Banner Handling Strings Require Device-specific Passwords
BayRS Device Can Lose Ability to Provide Snapshot
BayStack 450 Could Stop Responding to Telnet, SNMP, or ICMP
Cisco Banner Messages Special Characters
Command Line Interface: connect Command
Command Line Interface: Set Telnet or SSH Client Width to 500
Console Server: SSH Access is not Supported
Deploy to Startup Config and Reboot not Supported Using SNMP
Diagnostics: When to Run ICMP Tests
Distributed System Performance
Duplicate IP Addresses with Multiple Sites
Extreme Devices: Configuration Comments Can Cause Misconfiguration
Inventory: Data from Device Overwrites Manually Entered Values
Juniper Devices with SCP Enabled do not Capture Running Configurations
RADIUS External Authentication
Reports: Checkpointing Can Cause Reports to be Inflated
Scripts: Cannot Save Command Scripts with Quote Marks in the Name
Scripts: Cannot Save Template or Command Scripts with a Period in the Name
Scripts: Command Scripts and Templates for Cisco Aironet VxWorks Devices
Scripts: Output Results in HTML Format
SecurID Software Token Software, Version 3.0.5
Sending Reports to External Email Addresses
Software Center: Cisco IOS 2500
Software Center: Cisco IOS Devices
Software Center: Deploying Software
Software Center: Downgrading Nortel OS and Rebooting Could Leave Device Inaccessible
Software Center: Image Set Name Requirements
Software Center: Reboot Option
SQL Server 2005 Password Requirement
Tasks: Running External Application Tasks Presents a Possible Security Risk
Tasks: Task Scheduled for the 31st Might Run on the 1st
Unresponsive Script Warning Message in Mozilla Firefox 1.5 (or Higher)
Obtaining Documentation, Obtaining Support, and Security Guidelines
Release Notes for CiscoWorks Network Compliance Manager, 1.2.1
August, 2007
These release notes include important information regarding CiscoWorks Network Compliance Manager (NCM), Release 1.2.1. NCM provides network configuration and change features, policy-based workflows, best of class compliance reporting capabilities, and APIs. NCM includes integration with CiscoWorks, initially the ability to launch it from the CiscoWorks home page, and interoperability with other CiscoWorks applications such as the LMS bundle through the CommonServices Device Credential Repository (DCR).
Note
All documentation, including this document and any or all of the parts of the NCM documentation set, might be upgraded over time. Therefore, we recommend you access the NCM documentation set using the Cisco.com URL: http://www.cisco.com/en/US/products/ps6923/tsd_products_support_series_home.html.
In addition, the Docs tab visible from within Network Compliance Manager might not include links to the latest documents.
Contents
This release note contains the following sections:
• Known Limitations and Problems
• Obtaining Documentation, Obtaining Support, and Security Guidelines
Features in This Release
NCM Release 1.2.1
The NCM 1.2.1 release includes the following enhancements:
• Keyboard Interactive Authentication (KBI) is now a supported method for SSH connections to devices. This method is commonly used by F5 devices. You can now use NCM to manage F5 devices that require KBI authentication.
• To help manage the volume of Security Alerts, the Software Compliance page now displays Last Modified and CVE columns that you can sort. To view this enhancement:
  – Navigate to Policies > Software Compliance.
  – Click View > Security Alert Service Alerts.
  – Click the Last Modified column. The most recent Security Alerts downloaded from the Cisco Network are displayed at the top of the list.
• NCM now provides PING and Traceroute commands to test NCM server-to-device connectivity. These commands are provided in the Telnet/SSH Proxy and CLI. To learn more about how to use these commands, go to the NCM command line and run help os ping and help os traceroute.
• NCM now provides a List Imageset CLI/API command to show the list of image sets present in NCM. To learn more about how to use this command, go to the NCM Command Line and run help list imageset.
• When all tasks are configured to use AAA credentials, snapshot tasks triggered by change events can now be configured to use the AAA credentials of a known user in the case where the task would run without a known user. To learn more about how to use these commands, go to the NCM Command Line and run help os ping and help os traceroute.
• The Perl and SOAP APIs now support the Import command. The Import command enables you to import devices into NCM. To learn more about the Import command in the APIs, go to <NCM Install Directory>/docs/ and open the SOAP_API_Guide.html document, which provides instructions on the new Import API.
• Users can now configure NCM to automatically use a specific user to retrieve configuration if no AAA credentials are available. If NCM is configured to only access devices via AAA credentials and NCM detects a change by a user who does not have AAA credentials defined, it fails over to the Admin credentials to access the device and collect the snapshot. In NCM 1.2.1, users can now specify the user account they want NCM to use in this failover situation.
To configure this new setting, you must have NCM configured to use AAA credentials for snapshot tasks. To do this, navigate to Admin Settings > Device Access > Task Credentials and uncheck the Allow Standard Device Credentials option for Take Snapshot. Then, check the corresponding option for Allow User AAA Credentials for Take Snapshot.
To enable a specific user account to be used in cases where NCM does not have AAA credentials to collect a snapshot, do the following:
a. Navigate to Admin Settings > Device Access > Task Credentials.
b. At the bottom of this section, in the Fallback Admin User field, enter the Username you want NCM to use to take the snapshot.
Note
There is no validation that the username you entered is correct. If you add an invalid Fallback admin user, the snapshot will fail and provide a descriptive error message.
• The following commands have been added to the new Perl and SOAP APIs. To learn more about these commands in the APIs, log in to NCM and click the Docs link. Click the SOAP API Reference Guide for Network Compliance Manager link.
  – add image
  – add metadata
  – add metadata field
  – add partition
  – add user to group
  – delete image
  – del metadata
  – del metadata field
  – del partition
  – del user from group
  – deploy image
  – import
  – list all drivers
  – list config id
  – list device family
  – list device group
  – list device id
  – list device model
  – list device software
  – list device type
  – list device vendor
  – list image
  – list imageoption
  – list imageset
  – list metadata
  – list metadata field
  – list partition
  – list script id
  – list script mode
  – list site
  – list topology
  – list topology graph
  – list topology ip
  – list topology mac
  – list view
  – list vlan
  – list vlan ports
  – login
  – logout
  – mod metadata
  – mod metadata field
  – mod partition
  – mod topology graph
  – run gc
  – show device family
  – show device latest diff
  – show metadata
  – show metadata field
  – show server option
  – show topology
  – show version
  – stop task
  – stop task all
  – test view
  – undeploy image
  – update dynamic group
• The Auto-remediation page in NCM now provides warning text. Because auto-remediation starts immediately when a violation occurs, Opsware recommends you enable Workflow and Approvals when the Auto-remediation task runs.
NCM Release 1.2
The 1.2 release includes the following features:
• Automated cisco.com product license registration, which enables:
  – Flexible licensing
  – Incremental node license registration
  – Incremental feature license registration for features such as high availability, satellite, and connectors
• Optional subscription to NCM Alert Center content packs, which can be downloaded from the cisco.com NCM Alert Center Web page into the NCM application. These content packs can keep you up to date with:
  – security compliance policies
  – product extensions
• Subscriber access to and ability to download content packs into NCM.
• New connector with third-party network management products such as Remedy AR.
System Requirements
This section includes the following:
Linux Server Requirements
The following tables provide the recommended requirements when installing NCM on a Linux platform. Keep in mind that the application server and the database server can be configured together or separately depending on the size of the network.
Note
You must stop other network management applications, Web servers, databases, and Syslog/TFTP servers running on the same system before installing NCM. Applications include anti-virus (during Setup only) and WWW Publishing Server applications.
Note
When installing NCM on a Linux platform, Nmap 3.81 is required for Nmap scanning when running the Detect Network Devices task.
Summary Reports
Summary reports are generated in the Microsoft Excel XLS format. Excel does not run on Linux. You can either run the Summary reports from a Windows client computer connected to your NCM server or you can use one of the following products that run on Linux and can open Excel files:
• Open Office (www.openoffice.org)
• GNUmeric (www.gnumeric.org)
• Star Office (wwws.sun.com/software/star/staroffice)
Solaris Server Requirements
The following tables provide the recommended requirements when installing NCM on a Solaris platform. Keep in mind that the application server and the database server can be configured together or separately depending on the size of the network.
Note
You must stop other network management applications, Web servers, databases, and Syslog/TFTP servers running on the same system before installing NCM. Applications include anti-virus (during Setup only) and WWW Publishing Server applications.
Note
When installing NCM on a Solaris platform, Nmap 3.81 is required for Nmap scanning when running the Detect Network Devices task.
Summary Reports
Summary reports are generated in the Microsoft Excel XLS format. Excel does not run on Solaris. You can either run the Summary reports from a Windows client computer connected to your NCM server or you can use one of the following products that run on Linux and can open Excel files:
• Open Office (www.openoffice.org)
• GNUmeric (www.gnumeric.org)
• Star Office (wwws.sun.com/software/star/staroffice)
Windows Server Requirements
The following tables provide the recommended requirements when installing NCM on a Windows platform. Keep in mind that the application server and the database server can be configured together or separately depending on the size of the network.
Note
You must stop other network management applications, Web servers, databases, and Syslog/TFTP servers running on the same system before installing NCM. Applications include anti-virus (during Setup only) and WWW Publishing Server applications.
Note
When installing NCM on a Windows platform, Nmap 3.81 and WinPcap (Windows Packet Capture Library) version 3.1 are required for Nmap scanning when running the Detect Network Devices task.
NCM and LMS Co-residency Requirements
The following are the recommended requirements when you are enabling co-residency of NCM and CiscoWorks LAN Management Solution (LMS):
• Operating System on the Application Server: Microsoft Windows 2003
• Server Hardware: At least a Xeon (or a Dual Core) Processor with 8 GB of RAM.
For detailed information on NCM and LMS co-residency, refer to the Configuration Guide for Network Compliance Manager and LMS Co-residency.
Installation Considerations
Note
We sometimes release patches after the original release of a product. Therefore, you should review the following site on Cisco.com for any updates.
http://www.cisco.com/cgi-bin/tablebuild.pl/cwncm-crypto
NCM Gateway Requirements
The Network Compliance Manager Gateway enables a NCM Core to manage servers that are behind one or more NAT devices or firewalls. The NCM Gateway is supported on the following platforms:
• RedHat Linux 3.0 AS
• RedHat Linux 4.0 AS
• SuSE Linux 9.0 ES
• SunOS 5.9
• SunOS 5.10
NCM High Availability System Requirements
The NCM High Availability Distributed System is a multi-master system where the data from each NCM Core is available to all other NCM Cores. This collection of NCM Cores is called an NCM mesh. This configuration helps provide a comprehensive view of your data and allows for redundant data and failover in the event of a problem with the NCM Core. Each NCM Core consists of an NCM Management Engine, its associated services (Syslog and TFTP), and a single database.
Note
If you intend to install the NCM High Availability Distributed System, keep in mind that it only supports the Oracle 9.2 database server. If you are running Oracle 10.2 on the Core database server, you cannot upgrade to the NCM High Availability Distributed System.
Upgrading the OS
Before performing server maintenance or upgrades, take steps to ensure that in the case of application or OS corruption, you will be able to restore critical NCM data.
Step 1: Back up your database to a safe location before doing server maintenance.
Step 2: Save the contents of the following folders to a safe location:
<NCM directory>\client\scripts\
<NCM directory>\addins\
<NCM directory>\jre\
<NCM directory>\server\lib\drivers
<NCM directory>\docs
If upgrading the server causes NCM to malfunction, contact Technical Support.
Backing Up User Files
During an upgrade, the NCM Setup program automatically backs up user files, such as the Summary reports and NCM scripts, to the following directories:
For Windows:
\winnt\temp\rendition\addins
\winnt\temp\rendition\images
\winnt\temp\rendition\log
\winnt\temp\rendition\scripts
For Solaris:
/var/rendition/addins
/var/rendition/images
/var/rendition/log
/var/rendition/scripts
Note
If you have changed directories, you can find your current Windows directory by opening a command prompt window and entering set windir. The Windows home directory is displayed. The installer restores all user files automatically, except log files. If you want to keep appending to saved log files, copy them to \rendition\server\log.
Installing the Enhanced PERL API
The following modules are provided on the NCM Distribution CD:
• Cisco::NCM::Util
• Cisco::NCM::Client
• Cisco::NCM::Connect
Installation Requirements
PERL version 5.8 or later is required.
If you are using the Auto Installer, skip to the "Auto Installer Method:" section.
Note
NCM 1.2 does not currently support the system call to run the install.pl script. At this time, you will have to manually install the enhanced PERL API.
If you are manually installing the PERL API, confirm that certain versions of PERL and/or PERL modules (that are not part of some core PERL distributions) are installed before you begin. Refer to the META.yml file within each package/tarball for its requirements.
If your PERL distribution does not contain all of the required PERL modules, they are available at http://www.cpan.org and/or via PPM. If you are using ActivePerl, try PPM first.
PPM (ppm.exe) is part of the ActivePerl distribution. If you are using ActivePerl, it is recommended that you use the PPM method. You can also run PPM without arguments and then issue the install command. You may need to do this for some PERL modules that have multiple versions to choose from, followed by install # (where # is the item in the list returned by the install command). Keep in mind that PPM prefers to use the - as a namespace separator in place of the PERL :: separator.
To install any of the required modules, use one of the following commands:
• ppm install SOAP-Lite
• cpan install SOAP::Lite
Note
NMAKE.EXE is installed when installing NCM on a Windows platform. It is located in the /client directory. CPAN is simply a wrapper for the perl -MCPAN -e shell command. The CPAN command cpan.exe is part of the core PERL install on all PERL versions since 5.8.0, including ActivePerl.
Installation Steps
There are two methods for installing the PERL API modules. The first and easiest method is to use the Auto Installer. You can only use the Auto Installer, however, if you have installed the PERL API distribution via the NCM installer. Otherwise, you must use the manual installation method.
Auto Installer Method:
The Auto Installer installs all of the Cisco::NCM modules as well as their dependencies.
Step 1: Open a shell.
  – If you are on a Windows platform, open a command shell.
  – If you are on a Linux or Solaris platform, you can either open a command shell or SSH into the NCM server.
Note
You will need to have privileges to both create and modify files for NCM as well as PERL. As a result, you might need Administrator privileges on a Windows Platform and root privileges on Linux or Solaris platforms.
Step 2: Change to the directory where NCM is installed. This directory will have been set when you installed NCM.
Step 3: To run the install script, enter:
perl client/perl_api/har/install.pl
Note
If PERL is not in your path or you have multiple PERL versions installed, use the full path to the PERL executable that you will be using. This should also match the value for the PERL interpreter set in the NCM server configuration.
All of the Cisco::NCM modules are installed, as well as their dependencies. However, only pure PERL dependencies are provided. For example, SOAP::Lite is provided, which includes a minimalist lightweight XML parser. For the best performance, we recommend that you have the XML::Parser module installed.
If you are using ActivePerl (with a PERL version of 5.8 or better), the XML::Parser module is included with the distribution. Otherwise, you will need to use PPM, CPAN, or manually download and install the module.
Manual Install Method:
Keep in mind that the installation could fail if your PERL installation does not meet certain requirements. Refer to the "Installation Requirements" section. In addition, the Cisco::NCM PERL modules are distributed as compressed tarballs, similar to modules on CPAN. They are located in the following directory: <NCM_ROOT>/client/perl_api/Cisco/.
To untar and uncompress all of the modules at one time, you can use the ptar command. ptar is distributed as part of the popular PERL module Archive::Tar, which is included in the standard ActivePerl distributions. To view the contents of the directory and to extract the contents into your current directory, enter: ptar -xzvf PATH/TO/whatever.tar.gz.
For each of the following modules, uncompress and untar the module(s) and change to the directory that was created:
• Cisco::NCM::Util
• Cisco::NCM::Client
• Cisco::NCM::Connect
To install the PERL API on a Windows platform with ActivePerl, or any platform running a version of PERL that has the Module::Build module installed, enter:
• perl Build.PL
• perl Build build
• perl Build test
• perl Build install
You may also use the traditional CPAN method. Enter:
• perl Makefile.PL
• make
• make test
• make install
Note
If you are using the CPAN method on a Windows platform, you will need to enter nmake rather than make.
PERL Documentation
After installing the PERL API, you can view the following PERL POD pages:
• perldoc Cisco::NCM::Client
• perldoc Cisco::NCM::Connect
• perldoc Cisco::NCM::Client::4_5_x
• perldoc Cisco::NCM::Client::6_0_x
Your PERL distribution can also build HTML files for the documentation.
Examples
There are PERL API examples in the demo directory. These examples illustrate how to use the PERL API. Keep in mind that it is possible to run the examples without installing the PERL modules by remaining in the demo directory and supplying the relative (or full) path to each example, as in:
• unix_box$ perl demo/list_users.pl
• C:\Windows\Box> perl demo\list_users.pl
Resolved Problems
NCM 1.2.1 includes the following fixes:
Discovering Network Devices
Detect Network Devices task no longer adds new devices with network and broadcast addresses
In previous releases, when the Detect Network Devices task was run with a CIDR range, NCM would add devices for the network and broadcast addresses. NCM has been enhanced to remove the first and last address from a scan when the address scan is specified as a CIDR range. This eliminates the broadcast and network range from being scanned, and erroneously adding new devices.
Change Detection and Configuration Management
Edit & Deploy Configuration feature now correctly tracks the most recent configuration on a device
When using the Edit & Deploy Configuration feature, previously the configuration scheduled for deployment would erroneously show as the most recent configuration. This has been fixed.
Change Notification email now attributes the correct username
The Change Notification email from NCM no longer attributes the wrong username with configuration changes.
BayRS drivers no longer fail to parse binary configurations if circuit name starts with 0
The BayRS driver no longer fails to parse the binary configuration if a circuit name contains a number that starts with 0.
Parsing of syslog messages from Cisco devices improved for real-time change detection
In previous releases, if the msec in the timestamp of the syslog message was less than 255, NCM change detection failed. This has been fixed.
NCM now correctly displays more than one configuration in the configuration audit trail
In NCM 1.2.1, it was possible for NCM to only display one configuration for the device configuration audit trail, even if the device had many historical configurations. This has been fixed.
Searching and Reporting
Compliance Center reports now correctly list port availability
NCM Compliance Center reports now correctly report Port availability. Previously, the Free Ports column was not always accurate.
Advanced Search now contains the current number of context lines in mailed and CSV reports
Advanced Search reports now display the correct number of context lines in mailed and CSV reports based on search criteria.
Summary reports displayed last run date now matches filestamp date
The Summary reports, Summary tab, and Last Run: date now report the actual date when a report was run.
Links to Summary reports from Compliance Center and User & System reports now work correctly
In previous releases, the Compliance Center reports and the User & System reports had invalid links to the Summary reports.
Context lines are not maintained across multi-page search results
In previous releases, when searching for configurations that contain specific text, the option to specify the number of context lines did not work across pages in a multi-page search result display. As a result, when the Next Page button is selected to move to the next page of a multi-page search results display, the previously entered number of context lines reversed back to the default value of 3. This has been fixed.
The Application Switch device type is now a searchable option
The Application Switch device type is now listed as an option when searching for a device by device type.
Users are now able to run the Diagramming report from My Favorite reports
In previous releases, you could not run Diagramming reports from My Favorite reports. This has been fixed.
Device search for 'Ports in Use' no longer fails with SQL error
In a previous release, a Search for Devices where the criteria included Ports in Use failed with a SQL error. This has been fixed.
Policy Manager and Compliance Violations
Configuration Policy Activity page now shows the most serious importance rating for a device with multiple compliance violations
The Configuration Policy activity page now shows the most serious importance rating for devices with multiple compliance violations. For example, if a device has a Medium and a Critical violation, the rolled up report shows the device as Critical.
Dynamic device group criteria based on device compliant state now works
For dynamic device groups where the filter is defined as "non-compliance with specific policy rules," the filter now works as expected.
Batch Changes and Task Management
Run Script command in the CLI/API now runs correctly with double-quotes
The Run Script command in the CLI/API now runs correctly when double-quotes are used. For example, previously Run Script would fail if double-quotes with a single character were used.
Software Update task page refresh no longer results in a page error
When updating a Software Update task, upon refresh, an error would occur: failed to save task: $1$. This has been fixed.
Checking the Show Task Detail checkbox no longer breaks multi-page task browsing
In previous releases, when viewing a list of Child tasks (subtasks) of a Group task, if you select the Show task detail checkbox and then move to the next page of the task, the page is not displayed. This has been fixed.
Saving a new template with more than 4,000 characters no longer returns an error
In previous releases, saving a new template with more than 4,000 characters returned the error: ORA-01704: string literal too long. This only impacts Oracle installations. This has been fixed.
Event Rules
Event Rule emailing contents of a diagnostic task no longer fails to include actual diagnostic information
In previous releases, the event variables for diagnostics, $CurrentDiag$, $PreviousDiag$, and $Diff, were only valid for the Device Diagnostic Changed event. These event variables are now available in Event Rules from any Diagnostic event (Device Diagnostic Changed, Device Diagnostic Completed Successfully, and Device Diagnostic Failed).
Permissions
View Partition device view abilities enhanced
You can no longer set View Partition permissions to users for View Partition Permissions that they have not been granted or set View Partition Permissions on Partitions that they cannot view.
Users can no longer run scripts from the CLI/API without explicit permission
Users can no longer run scripts from the CLI/API without being granted Script Permission.
Granting a user Command Permission to "Run External Application" now enables this capability as an Event Rule for that user
Granting a user Command Permission to Run External Application now enables this capability as an Event Rule function for that user.
Performance
Event Pruner on Oracle can now delete more than 10K records
The Event pruner no longer stalls when deleting more than 10,000 records.
Single device tasks scheduled via the Device Selector are no longer erroneously scheduled as a group task
When using the Device Selector to schedule a task, if you schedule a task on a single device, NCM now schedules a standard single device task.
Batch editing on device groups
Performance has been improved by enabling batch editing on selected device groups (as opposed to using the select all option).
Search for devices no longer fails if search criteria equals more than 2,048 characters
You can now perform searches in NCM where the search criteria provided is greater than 2,048 characters. For example, Search for Devices where Device Group is <select long list of different device groups>.
Device Snapshot event filter no longer causes snapshot failures
In previous releases, enabling the Device Snapshot event filter in the Admin Settings caused snapshots to fail. This has been fixed. You can now disable this event to improve performance without any adverse effects.
Displaying large device list
When NCM displays a large device list, it now avoids a large CPU performance hit.
Syslog_wrapper.log file
The start_syslog_wrapper.log file now includes a pruning method to restrict file growth.
Security
Console Server password is now masked on output
The console server password is considered to be sensitive data and is therefore masked on output as {SECURE STRING}.
API/CLI
Perl API list-modules command now returns the correct type
The list_modules command in the NCM Perl API now returns the correct type and data.
Perl API list-ports command now returns the correct type
The list_ports command in the NCM Perl API now returns the correct type and data.
list_site command added to Perl API
The list_site command now exists in the NCM Perl API.
Table 10 lists the problems that were resolved in CiscoWorks Network Compliance Manager, Release 1.1. Table 11 lists the problems that were resolved in CiscoWorks Network Compliance Manager, Release 1.2.
Known Limitations and Problems
This section contains information about the limitations and problems known to exist in the NCM 1.2 product.
CSCse09644—The cwncm_import script does not parse the hostname as present in the CSV file.
Description: When exporting some devices from DCR into the CSV file using dclr_export.sh or from Device Management UI of LMS, the cwncm_import script does not parse the hostname (present) in the CSV file; instead, it substitutes the IP Address as the hostname for all these imported devices.
Workaround: You can manually change the Hostname by looking up the corresponding name in the CSV file. This issue will be fixed in a future release.
CSCse09092—Clicking Perform Test does not launch a new window.
Description: From Policies > Policy List > Add New rule > Test > Added Devices from Device Selector, select Perform Test. A browser window does not launch to display the Test Results screen.
Workaround: The problem only happens when you select a UNIX driver for the UNIX end hosts. Selecting any other device type will resolve the issue.
CSCse11820—Installation hangs if you provide incorrect Database credentials.
Description: Oracle is installed successfully and you proceed with NCM installation. If you provide any incorrect database credentials (port number, DB name, or password) while configuring the NCM Database, then NCM hangs while trying to connect to the database.
Workaround: Stop the installation using the Windows task manager. Restart the installation and enter the correct credentials.
CSCse14518—When you attempt to delete a large number of devices from the NCM database, it fails.
Description: Devices are imported into NCM, which uses an Oracle database. Go to the Device > Inventory window, select a large number of devices that you wish to delete, and select Delete. NCM prompts you to confirm the deletion. Click yes. After some time, only 200 devices are deleted.
Workaround: Delete a smaller number of devices at each attempt (< 500 devices).
CSCse16371—An error message incomplete command displays when you try to get hardware information for a CRS-8/S device.
Description: From Inventory, select a CRS-8/S device. Go to View > Diagnostics > Hardware Information. No hardware info gets displayed, instead an error with the message incomplete command is displayed.
Workaround: There is no known workaround for this issue. Please avoid using this feature for this device type.
CSCse16848—Duplicate entries are seen in the software updates report.
Description: When adding more than one image set from Devices > Device tools > Software Images, the weekly report incorrectly reports two successful updates when this is not the case.
Workaround: There is no known workaround for this issue.
CSCsg79893—License monitor results column updated only after browser manual refresh.
Workaround: This is how all the System Monitors work. By default the monitor data is updated every 6 hours but this is configurable.
CSCsh28136—Installer fails to copy licenses from a directory whose name has spaces.
Workaround: Make sure that the directory and directory path where the license files are being copied do not have spaces in their names. If you must use directory and directory path names containing spaces, make sure to quote the entire path.
Caveats
Please read the following usability issues before using NCM. These issues are listed in alphabetical order.
Administrative Settings - User Authentication Page Crypto Key Exception
It is possible that after upgrading to NCM 1.2, you will not be able to access any of the menu items under Administrative Settings. This is due to a corrupted encryption option in the site_options.rcx file.
Workaround:
Step 1
Go to the $NCM_HOME/jre directory.
Step 2
Back up the current site_options.rcx file.
Step 3
Open the site_options.rcx file and locate all encrypted text options by searching for EncryptedText.
Step 4
Remove the value for all encrypted text options if it is not empty. In the following example, you would delete the information between </comment> and </option>.
Before:
<option name="twist/password"><title>Twist Password</title><section>Cisco Server Automation System Authentication</section><size>30</size> <type>EncryptedText</type><comment>Web Services Data Access Engine Password for finding connected servers.</comment>encrypted:sQAHLgjGjdGIbvNB18NEoQ==</option>
After:
<option name="twist/password"><title>Twist Password</title><section>Cisco Server Automation System Authentication</section><size>30</size> <type>EncryptedText</type><comment>Web Services Data Access Engine Password for finding connected servers.</comment></option>
Step 5
Save the file.
Step 6
Log in to NCM.
Step 7
On the menu bar under Admin, select Administrative Settings and click User Authentication.
Step 8
Scroll down to the TACACS+ / RADIUS Authentication section.
Step 9
For the TACACS+ or RADIUS Secret option, enter the shared secret for the NCM host configured on the TACACS+ or RADIUS server.
Step 10
Scroll down to the Cisco Server Automation System Authentication section.
Step 11
For the Twist Password option, enter the SAS password to use when locating connected servers.
Step 12
Click Save.
Step 13
Click the Device Access tab.
Step 14
Scroll down to the Bastion Host Settings section.
Step 15
For the Default Bastion Host Password option, enter the password of the Bastion Host to use for Telnet and/or SSH access.
Step 16
Click Save.
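Steps 2 through 5 of this workaround can be scripted. The following is an added example, not Cisco-supplied code: it assumes every option in site_options.rcx is laid out like the twist/password example above, with the stored value between </comment> and </option>. The function names and the sample options are hypothetical. It returns the names of the options it cleared, which are the secrets to re-enter in Steps 6 through 16.

```python
import re
import shutil

OPTION_RE = re.compile(r"<option\b[^>]*>.*?</option>", re.DOTALL)
NAME_RE = re.compile(r'name="([^"]*)"')
TYPE_RE = re.compile(r"<type>\s*EncryptedText\s*</type>")

# Constructed sample: one stored secret, one empty secret, one plain option.
SAMPLE = (
    '<option name="twist/password"><title>Twist Password</title>'
    "<type>EncryptedText</type><comment>Password for finding connected "
    "servers.</comment>encrypted:EXAMPLEONLY==</option>\n"
    '<option name="example/empty"><type>EncryptedText</type>'
    "<comment>Already empty.</comment></option>\n"
    '<option name="example/width"><type>Text</type>'
    "<comment>Not encrypted.</comment>500</option>\n"
)


def clear_encrypted_values(text):
    """Return (new_text, names) with each non-empty EncryptedText value removed."""
    cleared = []

    def fix(match):
        element = match.group(0)
        head, sep, tail = element.rpartition("</comment>")
        value = tail[: -len("</option>")]
        if not TYPE_RE.search(element) or not sep or not value.strip():
            return element  # not encrypted, unexpected layout, or already empty
        name = NAME_RE.search(element)
        cleared.append(name.group(1) if name else "(unnamed)")
        return head + sep + "</option>"

    return OPTION_RE.sub(fix, text), cleared


def clear_file(path):
    """Steps 2-5: back up the file, clear the values, save. Returns the names."""
    opts = dict(encoding="utf-8", errors="surrogateescape", newline="")
    with open(path, **opts) as f:
        new_text, cleared = clear_encrypted_values(f.read())
    if cleared:
        shutil.copy2(path, path + ".bak")  # Step 2: keep the original
        with open(path, "w", **opts) as f:
            f.write(new_text)
    return cleared


if __name__ == "__main__":
    print("Re-enter in Administrative Settings:", clear_encrypted_values(SAMPLE)[1])
```

Call clear_file() with the path to site_options.rcx while NCM is stopped or before logging in; the .bak copy it writes still holds the old encrypted values, so protect or remove it once the new secrets are saved.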
Banner Handling Strings Require Device-specific Passwords
If you enter banner handling strings (Devices > Inventory > Edit > Show Device Access Settings (device-specific settings) > Setting > Banner skip regex option) that contain common prompt strings, such as password or username, you cannot apply network-wide Password Rules to the device. If you do, the banner handling fails without generating any errors, and the device does not work with NCM device drivers. Tasks such as Snapshot and Driver Discovery do not work.
Workaround: Always use device-specific passwords on the Edit Device window.
Batch Insert ACL Line Option
When using the Batch Insert ACL Line option (Devices > New Device Task > Batch Insert ACL Line), the Task Options section on the New Task - Run Command Script window does not contain script content. While the Command Script to Run field correctly displays Cisco IOS Insert (or Remove) Line into (or from) ACL by handle, it does not present the script or script variables for execution until you select a device or device group that the script supports.
BayRS Device Can Lose Ability to Provide Snapshot
Occasionally, the BayRS device can enter a state in which it cannot provide a snapshot. Snapshot tasks fail with the following error message.
File retrieval error
Workaround: Rebooting the BayRS device restores the normal state on the device.
BayStack 450 Could Stop Responding to Telnet, SNMP, or ICMP
If you connect using a console to a BayStack 450, the allowed Telnet/SNMP Manager List is unexpectedly cleared out, indicating all management traffic is denied. This occurs when the device configuration file is downloaded repeatedly using TFTP. Nortel confirms this is an OS bug in some versions. The Nortel bug reference is CR 031215-85145.
Workaround: Do not snapshot more frequently than four times per day (the default). Be sure to turn off IGMP snooping if not in use. In case the BayStack 450 is unresponsive to Telnet, the switching function of the BayStack 450 is not affected. You should schedule a non-peak hour to reboot the device (or use terminal access to gain access).
Canceling or Deleting Tasks
Some NCM tasks will spawn external processes to run PERL or Expect scripts, or to run user-provided executables or shell scripts. Under certain circumstances, NCM may not be able to kill these external processes when the spawning task is cancelled or deleted. This could include scripts that spawn sub-processes or processes that are coded to catch kill signals.
Workaround: Manually stop the external process on the NCM server.
Cisco Banner Messages Special Characters
Cisco uses a superscript L (L) special character to begin and end banner messages in its configuration files. This character is not typically supported by XML. Consequently, when you create a policy enforcement rule, incorporating the L special character, you are able to export the policy, but not import the policy using this rule.
Workaround: You can manually edit the XML before importing the policy by adding a delimiting character before and after the banner, as long as the delimiting character does not occur in the banner itself.
Cisco Catalyst Switches
Catalyst switches running CatOS 8.3(3) could crash when you connect to them using SSHv2 (for example from an SSH client, such as SecureCRT or Putty). By default, NCM uses SSHv2 as the primary access method to network devices. Therefore, there is a substantial risk that a Catalyst switch running 8.3(3) could be reset when managed by NCM.
Workaround: Upgrade your Cisco Catalyst to CatOS 8.3(4). If this is not possible, edit your Catalyst devices running 8.3(3) in NCM to use only SSHv1 or Telnet for device access.
Command Line Interface: connect Command
The connect command in the NCM Proxy now accepts a device ID. This is needed because device IP Addresses are no longer required to be unique. If you pass an invalid device ID, such as an ID that is not a number, with the connect command the NCM Proxy session is abruptly terminated.
Workaround: Reconnect to the NCM Proxy and enter a valid device ID.
Command Line Interface: Set Telnet or SSH Client Width to 500
The NCM CLI has very wide output. For maximum ease in viewing the data, set your client's buffer width to 500.
Console Server: SSH Access is not Supported
NCM does not support console server access using SSH. If you use a console server to access a device, you must use Telnet connectivity. In other words, in the New Device window or Edit Device window, if Use to access device is checked in the Console Server Information section, make sure that the Telnet option in the Connection Information section is also checked.
Deploy to Startup Config and Reboot not Supported Using SNMP
NCM can deploy a configuration file to the startup configuration and reboot the device using the command line only. If the device is configured for SNMP access only (see the Device Driver Reference for Network Compliance Manager), deploy startup and reboot will fail.
Detect Network Devices Task
The NCM system prevents you from inadvertently running more than one Detect Network Devices task concurrently. Although the Detect Network Devices task generates only a minimal level of traffic, NCM provides this protection to help minimize additional traffic when running duplicate or additional Detect Network Devices tasks simultaneously. If a second or third Detect Network Devices task is scheduled while an earlier Detect Network Devices task is running, NCM will place the new task(s) in the Waiting state. The task(s) will run individually after the first Detect Network Devices task has completed.
Diagnostics: When to Run ICMP Tests
Use ICMP tests only to verify connectivity occasionally or after a change. They are not a replacement for monitoring software. You should schedule ICMP tests no more than once per 10 minutes.
Diagramming
NCM applies an absolute value for the text height attribute for interface and port labels shown in Visio diagrams. When the Visio VDX file is loaded, Visio assigns an incorrect formula to the text height attribute. As a result, when you have more than two lines of annotated text, such as a label, for an interface or port and you attempt to copy and paste, the label of the new interface or port is displayed improperly and could hide the interface or port icon.
Workaround: Click the Text Tool option on the Visio tool bar and move the label so as to expose the interface or port icon.
Displaying Diagnostics
Most NCM diagnostics are stored in text format. For a list of NCM diagnostics, from the Reports drop-down menu, select Search For and click Diagnostics. The following NCM diagnostics, however, are stored in binary format, and therefore are not searchable:
• NCM Module Status
• NCM Routing Table
• NCM OSPF Neighbors
• NCM Interfaces
• NCM Flash Storage Space
Workaround: Because the issue is that built-in diagnostics are not stored as clear text, you can create a custom diagnostic that performs the appropriate command (for instance, Show Interfaces for the equivalent of Module Status). As a result, the custom diagnostic will be searchable.
Distributed System Performance
When running a Distributed System, if you are deleting many objects simultaneously, the system may take a while to push transactions for large delete operations.
Duplicate IP Addresses with Multiple Sites
If your system is configured with multiple Sites in different Realms, you could see duplicate IP addresses if you select the Multiple Devices/Groups option on a New Task window when browsing the Inventory Group using the Device Selector.
Workaround: Using the Device Selector, browse to devices using the specific Site Group.
Extreme Devices: Configuration Comments Can Cause Misconfiguration
On Extreme devices, adding inline comments between multi-line commands, such as user account commands or set banner commands, can cause serious problems if the resulting configuration is deployed.
Workaround: Do not add inline comments between multi-line commands. Add comments on the line above the start of a command.
Installing NCM on Linux
When installing NCM on a Linux platform, the install might fail because there is no access to the MySQL database.
Workaround: When installing NCM on a Linux platform, perform the following steps prior to starting the installation.
Step 1
Open the /etc/hosts file.
Step 2
Change 127.0.0.1 localhost.localdomain localhost to: 127.0.0.1 localhost.
Step 3
Save and close the /etc/hosts file.
If you have already started the installation, use the Linux command line to run the following commands:
#mysql -h <device ip - not 127.0.0.1> -u root mysql
mysql> GRANT ALL PRIVILEGES ON *.* TO root@localhost.localdomain IDENTIFIED BY '<password&

